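# Common setup procedures for all Kubernetes nodes (Salt state file).
# States run top to bottom: swap, kernel modules, sysctl, container runtime,
# then the Kubernetes packages and the kubelet service.

#### Swap off

# Turn swap off for the running system. The guard checks for active swap
# devices rather than /etc/fstab, so the command runs exactly when swap is on.
kubernetes_swap_off:
  cmd.run:
    - name: swapoff -a
    - onlyif: "swapon --noheadings --show | grep -q ."
    - stateful: false

# Comment out the swap entry in /etc/fstab so swap stays off after a reboot.
# The original used cmd.run with pat/repl, which only re-ran `swapoff -a`;
# file.replace is the state that takes a pattern and a replacement.
# The pattern matches only the exact "<device> none swap sw 0 0" layout.
# NOTE(review): the '+' in this state ID looks like a typo for '_'; it is
# kept so requisites elsewhere that name this ID keep resolving.
kubernetes_fstab+no_swap:
  file.replace:
    - name: /etc/fstab
    - pattern: '^(\S+\s+none\s+swap\s+sw\s+0\s+0)$'
    - repl: '#\1'

#### Necessary kernel modules

kubernetes_kmod_config_dir:
  file.directory:
    - name: /etc/modules-load.d
    - mode: '0755'
    - makedirs: true

# Persist the module list so the modules are loaded again at boot.
kubernetes_kmod_config_file:
  file.managed:
    - name: /etc/modules-load.d/k8s.conf
    - contents: |
        br_netfilter
        overlay
        ip_tables
        iptable_filter
        iptable_nat
    - mode: '0644'

# Load each module now. The guards anchor on the module-name column of lsmod,
# so a module that only appears in another module's "Used by" list (or as a
# substring of a longer name) does not suppress the modprobe.
kubernetes_modprobe_br_netfilter:
  cmd.run:
    - name: modprobe br_netfilter
    - unless: "lsmod | grep -q '^br_netfilter '"

kubernetes_modprobe_overlay:
  cmd.run:
    - name: modprobe overlay
    - unless: "lsmod | grep -q '^overlay '"

kubernetes_modprobe_ip_tables:
  cmd.run:
    - name: modprobe ip_tables
    - unless: "lsmod | grep -q '^ip_tables '"

kubernetes_modprobe_iptable_filter:
  cmd.run:
    - name: modprobe iptable_filter
    - unless: "lsmod | grep -q '^iptable_filter '"

kubernetes_modprobe_iptable_nat:
  cmd.run:
    - name: modprobe iptable_nat
    - unless: "lsmod | grep -q '^iptable_nat '"

##### IP forwarding and bridged-traffic filtering

kubernetes_sysctl_config_dir:
  file.directory:
    - name: /etc/sysctl.d
    - mode: '0755'
    - makedirs: true

# ip_forward = 1 makes the node route packets between interfaces; the two
# bridge-nf-call settings pass bridged traffic through iptables/ip6tables.
# Forwarding is enabled host-wide, so what may actually be forwarded is
# decided by the node's firewall rules and the cluster's network policy.
kubernetes_sysctl_file:
  file.managed:
    - name: /etc/sysctl.d/k8s.conf
    - contents: |
        net.ipv4.ip_forward = 1
        net.bridge.bridge-nf-call-iptables = 1
        net.bridge.bridge-nf-call-ip6tables = 1
    - mode: '0644'

# Re-apply sysctl settings only when the file above changed. The net.bridge.*
# keys exist only while br_netfilter is loaded, hence the explicit require.
kubernetes_sysctl_reload:
  cmd.run:
    - name: sysctl --system
    - onchanges:
      - file: kubernetes_sysctl_file
    - require:
      - cmd: kubernetes_modprobe_br_netfilter

##### Container runtime

containerd_pkg:
  pkg.installed:
    - name: containerd

containerd_config_dir:
  file.directory:
    - name: /etc/containerd
    - mode: '0755'
    - makedirs: true
    - require:
      - pkg: containerd_pkg

# Generate the default config once. `test -s` (exists and is non-empty) is
# used instead of `test -f`: a failed run leaves an empty file behind through
# the shell redirect, and `-f` would then skip regeneration on later runs.
containerd_default_config:
  cmd.run:
    - name: containerd config default > /etc/containerd/config.toml
    - unless: "test -s /etc/containerd/config.toml"
    - require:
      - file: containerd_config_dir

# Switch containerd to the systemd cgroup driver.
containerd_systemdcgroup_true:
  file.replace:
    - name: /etc/containerd/config.toml
    - pattern: 'SystemdCgroup = false'
    - repl: 'SystemdCgroup = true'
    - require:
      - cmd: containerd_default_config

# `watch` restarts containerd whenever the replace state reports a change.
containerd_service:
  service.running:
    - name: containerd
    - enable: true
    - watch:
      - file: containerd_systemdcgroup_true

##### Kubernetes tooling

# Salt's repository state is pkgrepo.managed; the original `pkg.repo_managed`
# (and the matching `pkg.repo:` requisite below) is not a Salt state function.
# gpgcheck: 1 makes the package manager verify package signatures.
# NOTE(review): the signing key is downloaded from the same host as the
# packages, so its authenticity rests on TLS to that host alone; compare the
# key fingerprint against a value obtained out of band before trusting it.
kubernetes_repo:
  pkgrepo.managed:
    - name: isv_kubernetes_core_stable_v1_33_build
    - humanname: 'isv:kubernetes:core:stable:v1.33:build'
    - baseurl: 'https://download.opensuse.org/repositories/isv:/kubernetes:/core:/stable:/v1.33:/build/rpm/'
    - gpgcheck: 1
    - gpgkey: 'https://download.opensuse.org/repositories/isv:/kubernetes:/core:/stable:/v1.33:/build/rpm/repodata/repomd.xml.key'
    - enabled: 1
    - priority: 90
    - refresh: true

# NOTE(review): no version is pinned and no hold is set, so a routine system
# update can move kubeadm/kubelet/kubectl to a newer release; confirm that
# this is intended.
kubernetes_tools_pkg:
  pkg.installed:
    - names:
      - kubeadm
      - kubelet
      - kubectl
    - require:
      - pkgrepo: kubernetes_repo

kubelet_service:
  service.running:
    - name: kubelet
    - enable: true
    - require:
      - pkg: kubernetes_tools_pkg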